From owner-freebsd-security@FreeBSD.ORG Mon May 23 21:46:37 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B5DE716A41C for ; Mon, 23 May 2005 21:46:37 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from postfix4-1.free.fr (postfix4-1.free.fr [213.228.0.62]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6666443D1F for ; Mon, 23 May 2005 21:46:37 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from tatooine.tataz.chchile.org (vol75-8-82-233-239-98.fbx.proxad.net [82.233.239.98]) by postfix4-1.free.fr (Postfix) with ESMTP id 5693B120BFA; Mon, 23 May 2005 23:46:36 +0200 (CEST) Received: by tatooine.tataz.chchile.org (Postfix, from userid 1000) id F41E7407E; Mon, 23 May 2005 23:46:36 +0200 (CEST) Date: Mon, 23 May 2005 23:46:36 +0200 From: Jeremie Le Hen To: mohan chandra Message-ID: <20050523214636.GG850@obiwan.tataz.chchile.org> References: <20050523122742.49622.qmail@web8508.mail.in.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050523122742.49622.qmail@web8508.mail.in.yahoo.com> User-Agent: Mutt/1.5.9i Cc: freebsd-security@freebsd.org Subject: Re: How to setup IPSec tunnel between FreeBSD and Linux systems...? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 May 2005 21:46:37 -0000 Hi Mohan, > I am trying to setup ipsec tunnel between Freebsd > (host1) and Linux (host2) systems.And I also > interested in executing some ipsec test cases( Like > TAHI conformance test suite) on the same connection. > Please, suggest me some details regarding this setup > and Specify any materials which can be obtained from > from any locations(site).. > > I have enabled IPSec support for FreeBSD (4.11 > Release) and Linux (kernel-2.4.20-8), now I am trying > to estblish ipsec tunnel between these two systems.so > specify the what further procedure can be done to > establish the secure tunnel. > > Please help me to enable the connection...Any sort of > suggestion will be appreciated . FreeBSD uses either KAME IPSec or OpenBSD IPSec (known as Fast-IPSec). As far as I can tell, they are mostly compatible. Linux have two implementation of IPSec : FreeS/WAN and USAGI. FreeS/WAN is, IMHO, a big crap, has ugly code and configuration file. On the other hand, USAGI uses the same userland tools as BSD because they used to work in tight collaboration with KAME (I can't remember the detail though). Furthermore, IIRC, USAGI has been chosen to be merged to Linux mainstream kernel, FreeS/WAN seems to have died since, their last release is dated for more than one year ago. Since the daemons and configuration tools are the same now in BSD and Linux, I think this should not bring to much pain to you to make them work together. Regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org >